
Should I remove “Malware.AI.4211578340”?


Malware.AI.4211578340 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.


Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the Malware.AI.4211578340 virus do?

  • Sample contains Overlay data
  • Presents an Authenticode digital signature
  • Unconventional binary language: Chinese (Simplified)
  • Unconventional language used in binary resources: Chinese (Simplified)
  • The binary contains an unknown PE section name indicative of packing
  • The binary likely contains encrypted or compressed data.
  • Authenticode signature is invalid

How to identify Malware.AI.4211578340?


File Info:

name: 2CFD544714F8BA97A874.mlw
path: /opt/CAPEv2/storage/binaries/ad37803f00a73ae7cbb7ff7dba454078cb7e3f79221aae2157153e3b3a49d670
type: PE32 executable (GUI) Intel 80386, for MS Windows
timestamp: 2019-10-08 07:15:21

Version Info:

Comments:
CompanyName: 深圳财富趋势科技有限公司
FileDescription: V6独立交易模块(标准版)
FileVersion: 6.63.0.0
InternalName: TcWinWT
LegalCopyright: 版权所有 通达信公司
LegalTrademarks: Tendency
OriginalFilename:
PrivateBuild:
ProductName: 通达信网上交易
ProductVersion: 6.0.0.0
SpecialBuild:
自动集成: Release_Publish_6.63_20191008.1
Translation: 0x0804 0x04b0

Malware.AI.4211578340 also known as:

Bkav: W32.AIDetectMalware
Elastic: malicious (high confidence)
FireEye: Generic.mg.2cfd544714f8ba97
Cylance: unsafe
Zillya: Downloader.ZortobCRTD.Win32.9891
K7AntiVirus: Riskware ( 00584baa1 )
K7GW: Riskware ( 00584baa1 )
Cybereason: malicious.740c4b
APEX: Malicious
F-Secure: Trojan.TR/Crypt.XPACK.Gen
McAfee-GW-Edition: Artemis!Trojan
Avira: TR/Crypt.XPACK.Gen
Antiy-AVL: Trojan/Win32.PossibleThreat
Microsoft: PUA:Win32/Creprote
Cynet: Malicious (score: 99)
McAfee: Artemis!2CFD544714F8
Malwarebytes: Malware.AI.4211578340
Fortinet: W32/PossibleThreat
DeepInstinct: MALICIOUS

How to remove Malware.AI.4211578340?

Malware.AI.4211578340 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
